Thesis: Automation of safety analysis for use in a CI/CD context
We are aiming at identifying and removing bottlenecks in our processes so that we can adapt our feedback loops and ensure delivery of products free from unreasonable risk in a CI/CD context. This means we do not only want to continuously integrate and test functionality, but also release it to our customers more frequently than today's delivery pace. For that we need to adapt our way of ensuring sufficient risk reduction to the future delivery cadence.
Be a part of our journey to continuous delivery of safe products.

Problem
Today our handling of assurance cases with regard to functional safety as well as cybersecurity is reactive: in most cases the attempt to generate an assurance case starts only after a large portion of the evidencing work products has been compiled.
We are in the process of changing that by putting forward-looking assurance cases at the center of things.
A forward-looking cybersecurity case combines two things: a template for the assurance case, agreed with the assessor, that fulfills the objectives of assurance, and an incremental assessment of the assurance case until full confidence in the argumentation is achieved.
By using pre-defined templates whose argument has been pre-reviewed, so that there is full confidence in the argumentation logic, the user's task is to populate the argument with the evidence needed to have full confidence in it. In practice this means following the processes and generating the work products that are specified. When a work product is ready, the reference to the evidence is updated and the assessor is notified that an assessment is needed.
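As an added illustration of that workflow (this is not code from the posting; the claim ids, file names and the dataclass-based template format are constructed for the example), a check of the kind a pipeline could run over a pre-reviewed template: every claim is classified by whether its evidence reference is still missing, points at a work product that does not exist yet, is present but not yet assessed, or has been assessed. The claims in the third state are the ones to hand to the assessor, and the release gate passes only when every claim has reached the last state.

```python
"""Evidence-completeness check for a pre-reviewed assurance-case template.

Added example, not from the original posting. The claim ids, file names and
the in-memory template format are constructed; the posting does not specify
a template format or tooling.
"""
import os
import tempfile
from dataclasses import dataclass, field


@dataclass
class Claim:
    claim_id: str
    text: str
    evidence: list = field(default_factory=list)  # paths to work products
    assessed: bool = False                         # assessor has confirmed the evidence


@dataclass
class Report:
    missing: list      # claims with no evidence reference yet
    unresolved: list   # claims whose referenced work product does not exist
    to_assess: list    # claims with evidence present but not yet assessed
    confident: list    # claims with assessed evidence

    @property
    def full_confidence(self) -> bool:
        """Release gate: true only when every claim is backed by assessed evidence."""
        return not (self.missing or self.unresolved or self.to_assess)


def check_case(claims, root):
    """Classify each claim of the template by the state of its evidence.

    `root` is the directory where work products are stored. In a pipeline,
    `to_assess` is the list to notify the assessor about and
    `full_confidence` gates the release.
    """
    report = Report([], [], [], [])
    for claim in claims:
        if not claim.evidence:
            report.missing.append(claim.claim_id)
            continue
        if any(not os.path.isfile(os.path.join(root, p)) for p in claim.evidence):
            report.unresolved.append(claim.claim_id)
            continue
        if claim.assessed:
            report.confident.append(claim.claim_id)
        else:
            report.to_assess.append(claim.claim_id)
    return report


def demo():
    """Run the check against a constructed template in a temporary directory."""
    template = [  # constructed claims; ids and texts are illustrative only
        Claim("G1", "Hazard analysis is complete", ["hazard-analysis.pdf"], assessed=True),
        Claim("G2", "Component fault tree reviewed", ["cft-report.pdf"]),
        Claim("G3", "Safety performance indicators collected", ["spi-q3.csv"]),
        Claim("G4", "Penetration test executed", []),
    ]
    with tempfile.TemporaryDirectory() as root:
        # Only two of the referenced work products exist yet.
        for name in ("hazard-analysis.pdf", "cft-report.pdf"):
            with open(os.path.join(root, name), "w") as fh:
                fh.write("constructed placeholder work product\n")
        report = check_case(template, root)
    return report


if __name__ == "__main__":
    r = demo()
    print("notify assessor about:", r.to_assess)
    print("release gate passes:", r.full_confidence)
```

The separation between "unresolved" and "to assess" is deliberate: a dangling evidence reference is a template-population error that the author should fix, while a present but unassessed work product is exactly the trigger for the incremental assessment described above.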
In short: we want to improve our delivery cadence by relying on assessed assurance cases at product release.
We need to do that because we see that the industry will be forced not only to put forth an argument for sufficient safety, but to back this argument up with actual data (for example SPI – Safety Performance Indicators), especially in an autonomous context.
That is where we need your help and expertise:

Solution
One of the identified bottlenecks in our way of working is safety analysis, which is done manually today. We would like our thesis students to compare different methods for semi-automation of safety analysis, such as component fault trees (CFT), HiP-HOPS, etc., to analyze the pros and cons with the help of an example, and in the conclusion of the thesis work to give us guidance on the way forward.

Goal of the thesis
Different methods for semi-automated safety analysis are evaluated and piloted on an example.

Desirable expertise/profile
- functional safety
- software engineering
ASAP

Additional info
The scope is flexible and can be adapted to 1-2 students, depending on how many students you are and how much time you have for your thesis.

Tutor
Functional Safety Assessor
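As an added example referring back to the semi-automated safety analysis named in the Solution section (this is not code from the posting nor from any CFT or HiP-HOPS tool; the components, failure events, port names and probabilities are constructed), a minimal component fault tree evaluation in Python. Each component carries its own basic events and output failure ports, connections wire output ports to the input ports of other components, and the system-level top event is analysed by enumerating basic-event states to obtain the minimal cut sets and the exact top-event probability. Regenerating such a result on every architecture change is the kind of automation the thesis is meant to compare against manual analysis.

```python
"""Minimal component fault tree (CFT) evaluation.

Added example, not from the original posting. Components, failure events
and probabilities are constructed for illustration. A node of a component
tree is one of:
    ("basic", event)        an independent basic event of this component
    ("in", port)            this component's input failure port, resolved
                            through the system connections
    ("and", [nodes]) / ("or", [nodes])   gates
"""
from itertools import product


class Component:
    def __init__(self, name, basic_events, outputs):
        self.name = name
        self.basic_events = basic_events  # {event: probability of occurrence}
        self.outputs = outputs            # {output port: node}


class CFTSystem:
    def __init__(self, components, connections):
        self.components = {c.name: c for c in components}
        # {(component, input port): (source component, output port)}
        self.connections = connections

    def basic_events(self):
        """All basic events of the system, qualified by component name."""
        return {f"{c.name}.{e}": p
                for c in self.components.values()
                for e, p in c.basic_events.items()}

    def _eval(self, comp, node, state):
        """Evaluate a node for one assignment of basic events (True = occurred)."""
        kind = node[0]
        if kind == "basic":
            return state[f"{comp}.{node[1]}"]
        if kind == "in":  # follow the connection to the feeding output port
            src, port = self.connections[(comp, node[1])]
            return self._eval(src, self.components[src].outputs[port], state)
        values = [self._eval(comp, child, state) for child in node[1]]
        return all(values) if kind == "and" else any(values)

    def top_event(self, comp, port, state):
        return self._eval(comp, self.components[comp].outputs[port], state)

    def analyse(self, comp, port):
        """Return (minimal cut sets, exact top-event probability).

        Exhaustive enumeration of basic-event states; exact but only
        practical for small trees (2^n states), which suffices here.
        """
        events = self.basic_events()
        names = sorted(events)
        failing_states, prob = [], 0.0
        for bits in product((False, True), repeat=len(names)):
            state = dict(zip(names, bits))
            if not self.top_event(comp, port, state):
                continue
            p = 1.0
            for n, b in zip(names, bits):
                p *= events[n] if b else 1.0 - events[n]
            prob += p
            failing_states.append(frozenset(n for n, b in zip(names, bits) if b))
        # A cut set is minimal if no proper subset of it also fails the top event.
        minimal = [s for s in failing_states
                   if not any(o < s for o in failing_states)]
        return sorted(sorted(s) for s in minimal), prob


def build_demo_system():
    """Constructed architecture: two redundant sensors, a voter, a controller."""
    sensor_a = Component("sensorA", {"stuck": 1e-3}, {"out": ("basic", "stuck")})
    sensor_b = Component("sensorB", {"stuck": 2e-3}, {"out": ("basic", "stuck")})
    voter = Component("voter", {"fail": 1e-4},
                      {"out": ("or", [("basic", "fail"),
                                      ("and", [("in", "a"), ("in", "b")])])})
    controller = Component("controller", {"crash": 5e-4},
                           {"out": ("or", [("basic", "crash"), ("in", "sensed")])})
    connections = {
        ("voter", "a"): ("sensorA", "out"),
        ("voter", "b"): ("sensorB", "out"),
        ("controller", "sensed"): ("voter", "out"),
    }
    return CFTSystem([sensor_a, sensor_b, voter, controller], connections)


if __name__ == "__main__":
    cut_sets, prob = build_demo_system().analyse("controller", "out")
    print("minimal cut sets:", cut_sets)
    print("P(top event):", prob)
```

The value of the component-wise model shows up when the architecture changes: replacing one sensor or adding a third voter input only touches that component and its connections, and the system-level cut sets and probability are recomputed from the same code rather than re-derived by hand.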